Common Language Runtime (CLR) is the virtual machine component of Microsofts.NET Framework. Microsoft integrated CLR for its products, E.g. SQL Server, Office etc. We have studied CLR since last month. And we found these features could lead to several attack surface. In this talk, we discuss the security weaknesses of this code execution method. After that, we show a exploit for SQL Server through CLR and our automated tools for this exploitation. We will introduce a backdoor with administrator privilege based on CLR hijacking arbitrary.NET Applications.”]